Bug#948224: pillow: CVE-2020-5310 CVE-2020-5311 CVE-2020-5312 CVE-2020-5313

2020-02-13 Thread Robert Scott
FWIW I'm fairly convinced that the first vulnerable version for CVE-2020-5310 
is 6.0.0, which is the first release that included 
https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f 
which introduced the overflow when switching away from the safer TIFFTileSize & 
TIFFStripSize in the critical lines.

So you can probably mark 5.4.1 as safe for CVE-2020-5310


robert.



Bug#928770: sqlite3: CVE-2019-5018: Window Function Remote Code Execution Vulnerability

2019-05-25 Thread Robert Scott
> Alternatively, it could be related to:
> https://www.sqlite.org/src/info/4feb3159c6bc3f7e33959
> 
> This was released as a part of 3.27.2 and looks like it has the right
> text as well.  What concerns me is that the ticket[0] is almost a week
> before TALOS's timeline for "Vendor patched" plus it mentioned "free
> that has not been malloc'ed" rather than "use after free".  That said,
> the test case examples for both issue are similar.

This looks like a promising candidate. If you have the actual test case 
examples (I don't seem to be able to find them) it's surely "just" a matter of 
trying the PoC against this revision and its parent. Or going a bit further, 
using it to bisect between 3.27 and 3.28 (using a git mirror of the source).


robert.
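
The bisect suggested in the message above, written out as an added example (it is not from the thread or from the SQLite project). It looks for the commit that fixed the crash, so the bisect terms are inverted: "broken" is the old state and "fixed" is the new one. Assumptions: the reproducer is a local SQL file, and the git mirror builds with `./configure && make sqlite3`.

```shell
#!/bin/sh
# Added example: classify one SQLite revision for `git bisect run` when
# hunting the commit that FIXED a memory-safety crash.
# Assumptions (not from the thread): the PoC is a local SQL file and the
# mirror builds in-tree with ./configure && make sqlite3.

# Map the exit status of the PoC run to a verdict.
#   124    : timeout(1) expired, nothing learned   -> skip
#   >= 128 : killed by a signal (139 = SIGSEGV,
#            134 = SIGABRT from the allocator)     -> broken
#   other  : ran to completion, SQL errors included -> fixed
classify_status() {
    if [ "$1" -eq 124 ]; then echo skip
    elif [ "$1" -ge 128 ]; then echo broken
    else echo fixed
    fi
}

# Translate a verdict into the exit code `git bisect run` expects:
# 0 = old term, 1..127 except 125 = new term, 125 = cannot test this commit.
bisect_exit_code() {
    case "$1" in
        broken) echo 0 ;;
        fixed)  echo 1 ;;
        *)      echo 125 ;;
    esac
}

# Build the checked-out revision and feed it the PoC; commits that do not
# build are skipped rather than misread as "fixed".
test_revision() {
    poc=$1
    { ./configure && make sqlite3; } >/dev/null 2>&1 || { echo skip; return; }
    timeout 30 ./sqlite3 :memory: < "$poc" >/dev/null 2>&1
    classify_status $?
}

# Usage, from inside the checkout (revision names depend on the mirror):
#   git bisect start --term-old=broken --term-new=fixed
#   git bisect broken <3.27 revision>
#   git bisect fixed  <3.28 revision>
#   git bisect run sh /path/to/bisect-poc.sh run /path/to/poc.sql
if [ "${1:-}" = "run" ]; then
    exit "$(bisect_exit_code "$(test_revision "$2")")"
fi
```

A build with a sanitizer that exits with status 1 on error would need `classify_status` adjusted, since it only treats signal deaths as a crash.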


Bug#596453: 855GM: X hard locks system on startup

2010-09-11 Thread Robert Scott
Package: linux-image-2.6.32-5-686
Version: 2.6.32-21
Severity: grave

Hi,

Blacklisting the 855GM from KMS in 2.6.32-21 to fix bugs like 582105 seems to 
be causing my system to hard lock when X starts up. Magic sysrq key does 
nothing, and of course the 855GM being totally blacklisted means modeset=1 is 
powerless.

I'm running squeeze on an IBM thinkpad R50e.

In 2.6.32-20 the kernel boots with KMS and then goes through to bring X up 
properly. 2.6.32-21 brings the kernel up in vga mode and causes a black screen 
and a hard lock when kdm is started.

Attached is lspci -vv output and a dmesg.  Both taken when running 2.6.32-20 
with X working. I'm unsure what information will be useful from a -21 system, 
as the hardlock means it's hard for me to get information once something 
interesting graphics related has happened. The Xorg log shows nothing 
interesting.

Please tell me if more information is required.


robert.

Bug#596453: 855GM: X hard locks system on startup

2010-09-11 Thread Robert Scott
On Saturday 11 September 2010, you wrote:
> On 09/11/2010 06:24 PM, Robert Scott wrote:
> > Blacklisting the 855GM from KMS in 2.6.32-21 to fix bugs like 582105
> > seems to be causing my system to hard lock when X starts up. Magic
> > sysrq key does nothing, and of course the 855GM being totally
> > blacklisted means modeset=1 is powerless.
>
> Hi Robert, unfortunately it's a known problem for i855 users.
> While waiting for a solution, you can find more info here (the first is
> the more detailed):
> #594623
> #595511
> #595521

Ah, thanks - I had seen that bug but for some reason thought it didn't apply to 
me - seems I was just being crazy.

I'll just hold -20 for now.

Thanks for the quick response,


robert.


